Personal Data Protection Policy
This policy document explains our privacy practices regarding the collection, use, disclosure and transfer of your personal information by Symbl Technologies Inc, its subsidiary(ies) and/or affiliate(s) (collectively referred to as the “Symbl Technologies” or we or us).
- Key objectives of this Personal Data Protection Policy are:
- To demonstrate a set of privacy and personal data protection standards that govern Symbl Technologies’s procedures to collect, store and process personal data in a lawful manner;
- To provide consistent treatment of personal data throughout Symbl Technologies entities;
- To ensure personal data is protected from data security risks;
- To ensure personal data is transferred or processed in a manner consistent with the applicable data protection laws and regulations.
- Adhere to the data protection principles of notice, choice and consent, onward transfer, security, data integrity, access, and enforcement
Personal Information that we collect
Symbl Technologies collects and processes only such Personal Data as is adequate, relevant and limited in scope to the requirement and for a length of time that is necessary for the stated purposes of its use.
The information about you that you give to us by filling in forms on our website (or other forms that we ask you to complete), giving us a business card (or similar) or corresponding with us by telephone, post, email or otherwise. It may include, your name, address, email address and telephone number; and information about your professional role, background, and interests;
If you exchange emails, telephone conversations or other electronic communications with our employees and other staff members, our information technology systems may record details of those conversations’;
If we have a business relationship with the organization that you represent, your colleagues or other business contacts may give us information about you such as your contact details or details of your role in the relationship;
As per the agreement with the respective business, information generated by the use of our products and services.
Cookie related details are provided below.
Use of Personal Information
Symbl Technologies as a data controller or data processor has established the specific purposes for which Personal Data is being collected and that it’s collection and processing of Personal Data is done in a manner consistent with those stated purposes. Symbl Technologies does not utilize an individual’s Personal Data in its control, beyond the scope for which it was collected without prior written consent from the individual.
The Personal Data may be processed for purposes including without limitation:
Administering relationships services with various stakeholders;
providing individuals with information concerning products and services which Symbl Technologies believes to be of interest;
compliance with any requirement of law, regulation, associations, codes that Symbl Technologies decides to adopt;
for the purpose of, or in connection with, any legal proceedings for obtaining legal advice or for establishing, exercising or defending legal rights or any other purpose connected to or incidental to the purposes stated above;
Personal Data collected at the website – cookies may be used in the website to track user behavior, etc., and/or user name, address, email, the phone number may be collected for marketing or research purposes;
Transcripts of calls;
for improving the performance, quality, and experience of our products and services;
accounting and billing/payment purposes (including to offer financing solutions to customers, together with our finance partners);
to operate, administer and improve our website and premises and other aspects of the way in which we conduct our operations;
for recruitment purpose;
for employment-related services;
for contractual obligations and client services.
Legal Basis for Processing Data
We process your Personal Data when it is necessary for the performance of a contract to which you are the party or in order to take steps at your request prior to entering into a contract. Personal Information for the performance of a contract in the following circumstances:
We process your Personal Information when it is necessary for the purposes of a legitimate interest pursued by us or a third party (when these interests are not overridden by your data protection rights).
We obtain consent from the data subject prior to collecting, storing and processing of Personal Data wherever information processed is based on the data subject’s consent as a legal basis.
We give privacy notice detailing personal data processing and requirements in a simple format to all data subjects for whom we process data as a data controller.
Disclosure and international transfer of Personal Data
We may disclose your personal information, where reasonably necessary for the various purposes set out above:
to your colleagues within the organization that you represent;
to service providers who process your information on our behalf, under conditions of confidentiality and data security required by law of the origin of such information;
business partners, channel partners, service partner, agents, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
to competent regulatory, prosecuting and other governmental agencies, or litigation counterparties, in any country or territory; or
where we are required by law to disclose.
In those cases, where we transfer your personal information to our service providers, we will ensure that our arrangements with them are governed by relevant legal mechanisms and safeguards including data transfer agreements supported by standard contractual clauses, designed to ensure that your personal data and information is protected, on terms approved for this purpose by the European Commission and any other legal and regulatory authorities of country from where such information is originated.
Data Subject Rights: Access, Correction, Objection and Deletion
You have the right to access, correct, object or delete your Personal Data that we hold
Symbl Technologies recognizes that data subjects have a right to request a copy of the Personal Data held by Symbl Technologies. If any Personal Data is found to be incorrect, the individual concerned has the right to file a request to amend, update or delete it, as appropriate. Individuals also have a right to object to the processing of their Personal Data as per the prevailing laws.
If Symbl Technologies undertakes transactions or other services that involve the processing or disclosure of Personal Data on behalf of any of our client or counterparty, it shall be the responsibility of such client or counterparty to ensure that it has all necessary authority to permit Symbl Technologies to process and disclose the Personal Data accordingly.
An individual has the right to object to data processing where Symbl Technologies has taken their consent for such data processing by informing the appropriate authority within Symbl Technologies.
The Personal data be deleted from the system on request or when it has served its purpose, only after a complete evaluation of compliance with any applicable legal obligations or legitimate reasons
If you wish to exercise any of these rights (subject to applicable local laws) or have complaints about our processing of your personal information, please Contact us by writing an email to firstname.lastname@example.org
Confidentiality and Security of Personal Data
Symbl Technologies has taken prudent steps to safeguard the confidentiality and security of all Personal Data including taking procedural and organizational steps to protect Personal Data from accidental or unlawful destruction and disclosure. In addition, Symbl Technologies strives to protect personally identifiable information that it maintains or disseminates so that it is not accessed or obtained by unauthorized individuals or used in unauthorized ways.
Personal Data Retention
Privacy by Design
Privacy controls are considered while designing and implementing new or existing systems or processes, based on the technologies available, cost of implementation, scope, context and purposes of collecting, storing and processing Personal Data.
Symbl Technologies has implemented appropriate data-protection principles, technical and organizational measures, such as data minimization, data encryption, etc. to ensure that Personal Data is secure.
All Symbl Technologies personnel handling Personal Data have a responsibility to report any data privacy breach related incidents and any violations of this policy to data privacy office.
Symbl Technologies mean and include its Affiliates and group entities.
Affiliates mean Symbl Technologies Limited, Symbl Technologies Inc., Symbl Technologies and (a) any persons or entities that, now or in the future, directly or indirectly, control, are controlled by them, or are under common control, or (b) any persons or entities that are acquired, managed, or operated by them, whether by membership, stock ownership, joint operating agreement, or other substantial relationship.
Data Protection Laws and Regulations means, General Data Protection Regulation(GDPR) 2016 / 679, as well as applicable data protection and privacy laws that exist in the United States of America, the EU, and any other country.
European Union – means the current EU Member State countries of: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, and the United Kingdom.
Personal Data under GDPR means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
The lawful processing means that the activity is conducted in accordance with applicable national or international laws.
‘Personal information’ under Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011 (Privacy Rules) means any information that relates to a natural person, which either directly or indirectly, in combination with other information that is available or likely to be available to a corporate entity, is capable of identifying such person
Processing means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
Specified purpose means being clear from the outset about why we are collecting Personal Data and are transparent about our purposes with the individuals concerned.
Sensitive personal data or information under Privacy Rules—means such personal information which consists of information relating to;— (i) password; (ii) financial information such as Bank account or credit card or debit card or other payment instrument details ; (iii) physical, physiological and mental health condition; (iv) sexual orientation; (v) medical records and history; (vi) Biometric information; (vii) any detail relating to the above clauses as provided to body corporate for providing service; and (viii) any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise: provided that, any information that is freely available or accessible in the public domain or furnished under law for the time being in force shall not be regarded as sensitive personal data or information for the purposes of these rules.